CODEWITHSUNDEEP
phpyii
Nikul
Nikul

Reputation: 1025

How to assign role and checkaccess method in yii?

I am new in yii for Role Management,
I have 2 Role like Admin1,Admin2
I have 2 controllers and it's action like

(1)UserController - create,update,delete
(2)CategoryController - view,create,update

I want to give checkaccess method for Admin1 like
(1)UserController - update,delete
(2)CategoryController - update

I want to give checkaccess method for Admin2 like
(1)UserController - create,update,delete
(2)CategoryController - create,view

How can i give checkpermission for this 2 controller for particular admin ? Any help will be really appreciated.

Here is my checkaccess method but it gives me error

class UserIdentity extends CUserIdentity
{
    private $_id;
        public $role;
        public $roleName;

    /**
     * Authenticates a user.
     * @return boolean whether authentication succeeds.
     */
    public function authenticate()
    {
        $username = $this->username;
        $password = md5($this->password);
        $user=Login_User::model()->findByAttributes(array('Email'=>$username,'Password'=>$password,'Status'=>'1'));
        if(empty($user))
        {
            $this->errorCode=self::ERROR_USERNAME_INVALID;
        }
        elseif($password != $user->Password)
        {
            $this->errorCode=self::ERROR_PASSWORD_INVALID;
        }
        else
        {
            $this->_id=$user->UserID;
            $this->username=$user->Email;
                        $this->role=$user->RoleID;

                        $roleQuery = "SELECT * FROM role WHERE RoleID = ".$user->RoleID." ";
                        $roleData = Yii::app()->db->createCommand($roleQuery)->queryAll();

                        if(isset($roleData[0]['Title']) && $roleData[0]['Title'] != '') {
                            $this->roleName = $roleData[0]['Title'];
                        }  

                        if($user->RoleID != '') {
                            $query = "SELECT * FROM rolepermission WHERE RoleID = ".$user->RoleID." AND Status = 1 ";
                            $permissionData = Yii::app()->db->createCommand($query)->queryAll();
                        }

                        $auth=Yii::app()->authManager;
                        $rolePemirssion=$auth->createRole($this->roleName);
                        foreach($permissionData as $key => $value) {
                            $rolePemirssion->addChild($value['Controller'].$value['Action']);
                        }
            $this->errorCode=self::ERROR_NONE;
        }
        return $this->errorCode==self::ERROR_NONE;
    }

}

Upvotes: 0

Views: 816

Answers (1)

AxelPAL
AxelPAL

Reputation: 1027

You should use yii access control filters

 class UserController extends CController
 {
   …
   public function accessRules()
   {
       return array(
           ...
           array('allow',
               'actions'=>array('update', 'delete'),
               'roles'=>array('admin1'),
           ),
           array('allow',
               'actions'=>array('update'),
               'roles'=>array('admin2'),
           ),
           ...
       );
   }
 }
 class CategoryController extends CController
 {
   …
   public function accessRules()
   {
       return array(
           ...
           array('allow',
               'actions'=>array('create', 'update', 'delete' ),
               'roles'=>array('admin1'),
           ),
           array('allow',
               'actions'=>array('create', 'view'),
               'roles'=>array('admin2'),
           ),
           ...
       );
   }
 }

Upvotes: 1

Related Questions